Message in a Bottle: Sailing Past Censorship

Total Page:16

File Type:pdf, Size:1020Kb

Message in a Bottle: Sailing Past Censorship Message In A Bottle: Sailing Past Censorship Luca Invernizzi Christopher Kruegel Giovanni Vigna UC Santa Barbara UC Santa Barbara UC Santa Barbara California, USA California, USA California, USA [email protected] [email protected] [email protected] ABSTRACT To sneak by the censorship, the dissident populations have re- Exploiting recent advances in monitoring technology and the drop sorted to technology. A report from Harvard's Center for Internet of its costs, authoritarian and oppressive regimes are tightening & Society [44] shows that the most popular censorship-avoidance the grip around the virtual lives of their citizens. Meanwhile, vectors are web proxies, VPNs, and Tor [17]. These systems share the dissidents, oppressed by these regimes, are organizing online, a common characteristic: They have a limited amount of entry cloaking their activity with anti-censorship systems that typically points. Blocking these entry points, and evading the block, has consist of a network of anonymizing proxies. The censors have become an arms race: Since 2009, China is enumerating and become well aware of this, and they are systematically finding banning the vast majority of Tor's bridges [57]. In 2012, Iran and blocking all the entry points to these networks. So far, they took a more radical approach and started blocking encrypted have been quite successful. We believe that, to achieve resilience traffic [54], a move that Tor countered the same day by deploying to blocking, anti-censorship systems must abandon the idea of a new kind of traffic camouflaging [53]. having a limited number of entry points. Instead, they should In this paper, we take a step back and explore whether it is establish first contact in an online location arbitrarily chosen possible to design a system with so many available entry points by each of their users. To explore this idea, we have developed that it is impervious to blocking, without disconnecting from the Message In A Bottle, a protocol where any blog post becomes a global network. potential \drop point" for hidden messages. We have developed Let's generalize the problem at hand with the help of Alice, and released a proof-of-concept application of our system, and a dissident who lives in the oppressed country of Tyria. Alice demonstrated its feasibility. To block this system, censors are wants to establish, for the first time, a confidential communication left with a needle-in-a-haystack problem: Unable to identify what with Bob, who lives outside the country. To use any censorship- bears hidden messages, they must block everything, effectively resistant protocol, Alice must know something about Bob, and disconnecting their own network from a large part of the Internet. how to bootstrap the protocol. In the case of anonymizing proxies This, hopefully, is a cost too high to bear. or onion-routing/mix networks (e.g., Tor), Alice needs the address of at least one of the entry points into the network, and Bob's address. Also, to achieve confidentiality, Alice needs Bob's public Keywords key, or something equivalent to that. In protocols that employ Censorship Resistance, Deniable Communications, Steganography steganography to hide messages in files uploaded to media-hosting sites (such as Collage [12]) or in network traffic (such as Telex [62]), 1. INTRODUCTION Alice must know the location of the first rendezvous point, and 1 The revolutionary wave of protests and demonstrations known Bob's public key . as the Arab Spring rose in December 2010 to shake the foundations The fact that Alice needs to know this information inevitably of a number of countries (e.g., Tunisia, Libya, and Egypt), and means that the censor can learn it too (as he might pose as showed the Internet's immense power to catalyze social awareness Alice). Bob cannot avoid this, without having some way to through the free exchange of ideas. This power is so threatening distinguish Alice from the censor (but this becomes a chicken- to repressive regimes that censorship has become a central point in and-egg problem: How did Bob come to know that, since he their agendas: Regimes have been investing in advanced censoring never had any confidential communication with Alice before?). technologies [43], and even resorted to a complete isolation from We believe that this initial something that Alice must know is a the global network in critical moments [14]. For example, Pakistan fundamental weakness of existing censorship-resistant protocols, recently blocked Wikipedia, YouTube, Flickr, and Facebook [2], which forms a crack in their resilience to blocking. For example, and Syria blocked citizen-journalism media sites [51]. this is the root cause of the issues that Tor is facing when trying to distribute bridge addresses to its users, without exposing these addresses to the censor [52]. It is because of this crack that China has been blocking the majority of Tor traffic since 2009 [57]: The Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies 1 bear this notice and the full citation on the first page. To copy otherwise, to To be precise, in Telex, Alice does not need to know the precise republish, to post on servers or to redistribute to lists, requires prior specific location of the proxy running the Telex protocol. However, she permission and/or a fee. Request permissions from [email protected]. needs to be aware that a Telex proxy will occur somewhere in the ACSAC ’13 December 09-13, 2013, New Orleans, LA, USA path to the decoy destination. Here, we consider this destination Copyright 2013 ACM 978-1-4503-2015-3/13/12 ...$15.00. to be the rendezvous point she must know. number of entry points is finite, and a determined attacker can His intent is to discover and suppress the spreading of dissident enumerate them by pretending to be Alice. ideas. Determining the current and potential capabilities of With Message In A Bottle (miab), we propose a protocol in modern censors of this kind (e.g., Iran and China) is a difficult which Alice needs to know the least possible about Bob, and how task, as the inner workings of the censoring infrastructure are to bootstrap the protocol. In fact, we will show that it is enough often kept secret. However, we can create a reasonable model for for Alice to know Bob's public key, and nothing else. Alice must our adversary by observing that, ultimately, the Censor will be know at least Bob's public key to authenticate him, so that she constrained by economic factors. Therefore, we postulate that can be sure she is not talking to a disguised censor. However, the censorship we are facing is influenced by these two factors: contrary to systems like Collage and Telex, there is no prearranged • The censoring infrastructure will be constrained by its cost rendezvous point where Alice and Bob must meet. and technological effort; This may now sound like a needle-in-a-haystack problem: If • Over-censoring will have a negative impact on the economy neither Alice nor Bob know how to contact the other one, how of the country. can they ever meet? To make this possible, and reasonably fast, From these factors, we can now devise the capabilities of our miab exploits one of the mechanisms that search engines employ Censor. We choose to do so in a conservative fashion, preferring to generate real-time results from blog posts and news articles: to overstate the Censor's powers than to understate them. We blog pings. Using these pings as a broadcast system, Bob gets make this choice also because we understand that censorship is an covertly notified that a new message from Alice is available, and arms race, in which the Censor is likely to become more powerful where to fetch it from. We will show that, just like a search as technology advances and becomes more pervasive. engine, Bob can monitor the majority of the blogs published on We assume that it is in the Censor's interest to let the general the entire Internet with limited resources, and in quasi real-time. population benefit from Internet access, because of the social In some sense, every blog becomes a potential meeting point and economic advantages of connectivity. This is a fundamental for Alice and Bob. However, there are over 165 million blogs assumption for any censorship-avoidance system: If the country online [8], and since a blog can be opened trivially by anybody, runs an entirely separate network, there is no way out2. for our practical purposes they constitute an infinite resource. The Censor's Capabilities. As part of his infrastructure, As a result of one of our experiments (see Section 5.1), we will the Censor might deploy multiple monitoring stations anywhere show that, to blacklist all the potential miab's drop points in a within his jurisdiction. Through these stations, he can capture, three-months period, the Censor should block at least 40 million analyze, modify, disrupt, and store indefinitely network traffic. fully qualified domain names, and four million IP addresses (as In the rest of the world, he will only be able to harness what is we will show, these are conservative estimates). For comparison, commercially available to him. The Censor can analyze traffic blacklisting a single IP address would block Collage's support for aggregates to discover outliers in traffic patterns, and profile Flickr (the only one implemented), and supporting additional encrypted traffic with statistical attacks on the packets content media-hosting sites requires manual intervention for each one.
Recommended publications
  • Spam in Blogs and Social Media
    ȱȱȱȱ ȱ Pranam Kolari, Tim Finin Akshay Java, Anupam Joshi March 25, 2007 ȱ • Spam on the Internet –Variants – Social Media Spam • Reason behind Spam in Blogs • Detecting Spam Blogs • Trends and Issues • How can you help? • Conclusions Pranam Kolari is a UMBC PhD Tim Finin is a UMBC Professor student. His dissertation is on with over 30 years of experience spam blog detection, with tools in the applying AI to information developed in use both by academia and systems, intelligent interfaces and industry. He has active research interest robotics. Current interests include social in internal corporate blogs, the Semantic media, the Semantic Web and multi- Web and blog analytics. agent systems. Akshay Java is a UMBC PhD student. Anupam Joshi is a UMBC Pro- His dissertation is on identify- fessor with research interests in ing influence and opinions in the broad area of networked social media. His research interests computing and intelligent systems. He include blog analytics, information currently serves on the editorial board of retrieval, natural language processing the International Journal of the Semantic and the Semantic Web. Web and Information. Ƿ Ȭȱ • Early form seen around 1992 with MAKE MONEY FAST • 80-85% of all e-mail traffic is spam • In numbers 2005 - (June) 30 billion per day 2006 - (June) 55 billion per day 2006 - (December) 85 billion per day 2007 - (February) 90 billion per day Sources: IronPort, Wikipedia http://www.ironport.com/company/ironport_pr_2006-06-28.html ȱȱǵ • “Unsolicited usually commercial e-mail sent to a large
    [Show full text]
  • Applied Text Analytics for Blogs
    UvA-DARE (Digital Academic Repository) Applied text analytics for blogs Mishne, G.A. Publication date 2007 Document Version Final published version Link to publication Citation for published version (APA): Mishne, G. A. (2007). Applied text analytics for blogs. General rights It is not permitted to download or to forward/distribute the text or part of it without the consent of the author(s) and/or copyright holder(s), other than for strictly personal, individual use, unless the work is under an open content license (like Creative Commons). Disclaimer/Complaints regulations If you believe that digital publication of certain material infringes any of your rights or (privacy) interests, please let the Library know, stating your reasons. In case of a legitimate complaint, the Library will make the material inaccessible and/or remove it from the website. Please Ask the Library: https://uba.uva.nl/en/contact, or a letter to: Library of the University of Amsterdam, Secretariat, Singel 425, 1012 WP Amsterdam, The Netherlands. You will be contacted as soon as possible. UvA-DARE is a service provided by the library of the University of Amsterdam (https://dare.uva.nl) Download date:06 Oct 2021 Applied Text Analytics for Blogs Gilad Mishne Applied Text Analytics for Blogs Academisch Proefschrift ter verkrijging van de graad van doctor aan de Universiteit van Amsterdam op gezag van de Rector Magnificus prof.dr. J.W. Zwemmer ten overstaan van een door het college voor promoties ingestelde commissie, in het openbaar te verdedigen in de Aula der Universiteit op vrijdag 27 april 2007, te 10.00 uur door Gilad Avraham Mishne geboren te Haifa, Isra¨el.
    [Show full text]
  • TCPA: a Justification for the Prohibition on Spam in 2002 Cindy M
    NORTH CAROLINA JOURNAL OF LAW & TECHNOLOGY Volume 3 Article 9 Issue 2 Spring 2002 3-1-2002 TCPA: A Justification for the Prohibition on Spam in 2002 Cindy M. Rice Follow this and additional works at: http://scholarship.law.unc.edu/ncjolt Part of the Law Commons Recommended Citation Cindy M. Rice, TCPA: A Justification for the Prohibition on Spam in 2002, 3 N.C. J.L. & Tech. 375 (2002). Available at: http://scholarship.law.unc.edu/ncjolt/vol3/iss2/9 This Comments is brought to you for free and open access by Carolina Law Scholarship Repository. It has been accepted for inclusion in North Carolina Journal of Law & Technology by an authorized administrator of Carolina Law Scholarship Repository. For more information, please contact [email protected]. NORTH CAROLINAJOURNAL OF LAW & TECHNOLOGY VOLUME 3, ISSUE 2: SPRING 2002 Comment: The TCPA: A Justification for the Prohibition of Spam in 2002? Cindy M. Rice1 Unsolicited Commercial E-mail: Why is it Such a Problem? Growth of the Internet Statistics show that more and more Americans are using the World Wide Web, making the Internet an increasingly integral part of everyday life. Fifty-six percent of Americans now have Internet access2 and are using it for the exchange of text, images, video and sound. During the last six months of 2000, the number of 3 American adults with Internet access increased by 16 million, with the largest growth attributable to the increase of Internet use in the workplace. Almost every business, from Fortune 500 companies to small entrepreneurs, maintains websites and electronic mail (e-mail) addresses to communicate with and service their customers.
    [Show full text]
  • Slides GenerativeModelsForBlogospheregenerativeModelsForBlogosphere
    TheTheWeb GameGame(2.0) Mining: TheoreticTheoretic Analyzing WebWeb Social Media Anupam Joshi Joint work with Tim Finin and several students Ebiquity Group, UMBC [email protected] http://ebiquity.umbc.edu/ SocialSocial MediaMedia • “Social media describes the online tools and platforms that people use to share opinions, insights, experiences, and perspectives ” - wikipedia • Level of user participation Twitterment beta and thought sharing across varied topics StateState ofof thethe BlogosphereBlogosphere “Blogosphere is the collective term encompassing all blogs as a community or social network’’ Wikipedia Nov 06 KnowingKnowing && InfluencingInfluencing youryour AudienceAudience • Your goal is to campaign for a presidential candidate • How can you track the buzz about him/her? • What are the relevant communities and bogs? • Which communities are supporters, which are skeptical, which are put off by the hype? • Is your campaign having an effect? The desired effect? • Which bloggers are influential with political audience? Of these, which are already onboard and which are lost causes? • To whom should you send details or talk to? KnowingKnowing && InfluencingInfluencing youryour MarketMarket • Your goal is to market Apple’s iPhone • How can you track the buzz about it? • What are the relevant communities and blogs? • Which communities are fans, which are suspicious, which are put off by the hype? • Is your advertising having an effect? The desired effect? • Which bloggers are influential in this market? Of these, which are already onboard and which are lost causes? • To whom should you send details or evaluation samples? OpinionsOpinions inin SocialSocial MediaMedia Reader’s Perspective “Last night in Boston at a mid-dollar fundraiser Narrative“John Edwards is John Edwards gave a fantastic speech .
    [Show full text]
  • Corporate Appropriation of Participatory Culture
    View metadata, citation and similar papers at core.ac.uk brought to you by CORE provided by IUScholarWorks Deuze (2008) 1 CORPORATE APPROPRIATION OF PARTICIPATORY CULTURE MARK DEUZE Bibliographical reference: Deuze, M. (2008). Corporate Appropriation of Participatory Culture. In: Carpentier, N., Livingstone, S. (eds.), Participation and Media Production: Critical Reflections on Content Creation, pp.27-40. Newcastle upon Tyne: Cambridge Scholars Publishers. Introduction Reportedly, there currently are more than one billion internet users, with two billion users expected by 2011 (out of a projected world population of seven billion around that time).1 Among the top ten countries in internet usage are the United States, China, India, Germany, Brazil, and Russia, where internet penetration reaches about two-thirds of the population.2 With businesses – particularly those in the cultural and creative industries – rapidly supplementing or even transferring investments to online, internet has become the foremost frontier over which symbolic, financial and cultural battles are fought. In this chapter, I explore the intersections of commerce and creativity, content and connectivity in terms of a corporate appropriation of the participatory media culture of internet, using social media in general and weblogs in particular as a case study. I will argue that without extending existing definitions of media literacies, and without reinterpreting intellectual property and copyright legislation to extend protections outside of the boundaries of the firm or the state (towards the individual professional or amateur culture creators), the presumably co-creative and collaborative potential of the new digital and networked media ecology will be an exclusive playground for political and commercial institutions rather than a platform for individual cultural entrepreneurs.
    [Show full text]
  • Message in a Bottle: Sailing Past Censorship
    Message In A Bottle: Sailing Past Censorship Luca Invernizzi, Christopher Kruegel, Giovanni Vigna UC Santa Barbara Abstract Exploiting recent advances in monitoring technology and the drop of its costs, authoritarian and oppressive regimes are tightening the grip around the virtual lives of their citizens. Meanwhile, the dissidents, oppressed by these regimes, are organizing online, cloaking their activity with anti-censorship systems that typically consist of a network of anonymizing proxies. The censors have become well aware of this, and they are systematically finding and blocking all the entry points to these networks. So far, they have been quite successful. We believe that, to achieve resilience to blocking, anti-censorship systems must abandon the idea of having a limited number of entry points. Instead, they should establish first contact in an online location arbitrarily chosen by each of their users. To explore this idea, we have developed Message In A Bottle, a protocol where any blog post becomes a potential “drop point” for hidden messages. We have developed and released a proof-of-concept application using our system, and demonstrated its feasibility. To block this system, censors are left with a needle-in-a-haystack problem: Unable to identify what bears hidden messages, they must block everything, effectively disconnecting their own network from a large part of the Internet. This, hopefully, is a cost too high to bear. 1 Introduction The revolutionary wave of protests and demonstrations known as the Arab Spring rose in December 2010 to shake the foundations of a number of countries (e.g., Tunisia, Libya, and Egypt), and showed the Internet’s immense power to catalyze social awareness through the free exchange of ideas.
    [Show full text]
  • Internet Terms Book
    i ii Internet Reference Book 900 Acronyms & Terminologies iii Dedicated To My dear Pakistan Which is my identity And which Deserves to be returned More than It gave me iv Preface Being an Internet and Telecommunication student, I am always on a learning curve of understanding various aspects of technology. To go along the curve, I have to keep myself updated through reading. However, the major problem, I always came across, was the endless presence of various jargons, terminologies and technical acronyms in any article, book or brochure. I needed something handy, to which I could immediately refer. The rarely available Internet dictionaries, being very brief, are no good and searching Internet for each terminology, while reading, is next to impossible. There is nothing available in the market, which goes beyond mere definitions and could explain by examples. The solution was found from Internet. I downloaded over 900 terminologies & acronyms and compiled them in the form of a good handy reference book for my use. I can now read and understand any Internet related material with ease, during travel or at my bedtime. It also gives me pleasure of understanding the technology even when read independently. I am now publishing this material for the benefit of all the young and old Internet students of Pakistan and expect that all of the readers will be equally benefited from this of my effort. The book is organized in alphabetical order on the pattern of any dictionary. Each term has been presented in the form of a continuous paragraph for continuity purpose. Wherever necessary, bullet points have been used to describe features, types and characteristics.
    [Show full text]
  • Incentive-Centered Design for User-Contributed Content
    Incentive-Centered Design for User-Contributed Content Lian Jian Jeffrey K. MacKie-Mason 1 1. WHAT IS UCC? We are seeing the rapid growth of an unusual form of production for informa- tion resources on the Internet. The defining characteristics are that much of the information provided by a producer is donated to the producer, by people not employed by the producer. There are several names for this production technology; we favor user-contributed content (typically there is no boundary between contributors and users of the content).1 Many information producers now significantly (though rarely exclusively) rely on a user-contributed production model. Many are successful and quite socially valuable. We survey several different categories of such information ser- vices in this chapter. Well-known examples include Wikipedia articles; Amazon product reviews; Flickr photos; Digg news stories; del.icio.us Web bookmarks; CiteULike scholarly citations; open-source software projects such as Linux and the Apache web server; Peer2Patent comments on patent applications; the Stan- ford Encyclopedia of Philosophy, and WorldCat library cataloguing. Of course, for every success, there are numerous failures. Providing product created and donated by volunteers seems like a great idea; why didn't anyone think of this before? Of course, the idea is not new: Tom Sawyer induced his friends and neighbors to whitewash Aunt Polly's fence for him.2 More generally, user-contributed content is clearly related to the private provision of public goods [Bergstrom et al., 1986].3 User-contributed content on the Internet exhibits some interesting features, however. For example, most prior examples involved monetary donations (e.g., public radio fundraising), not raw material or finished production (information content).
    [Show full text]
  • The Blogging Revolution: Government in the Age of Web 2.0 David C
    PROVIDING CUTTING-EDGE KNOWLEDGE TO GOVERNMENT LEADERS The Blogging Revolution: Government in the Age of Web 2.0 IBM Center for The Business of Government The IBM Center for About the IBM Center for The Business of Government Through research stipends and events, the IBM Center for The Business of Government stimulates research and facilitates discussion of new approaches to improving the effectiveness of government at the federal, state, local, and international levels. The Center is one of the ways that IBM seeks to advance knowledge on how to improve public sector effectiveness. The IBM Center focuses on the future of the operation and management of the public sector. The Blogging Revolution: The About IBM Global Business Services With consultants and professional staff in more than 160 countries globally, IBM Global Business Services is the world’s largest consulting services organization. IBM Global Business Services provides clients with business process and industry expertise, a deep understanding of technology solutions that address specific industry issues, and the ability to design, build and run those solutions in a way that delivers bottom-line business David C. Wyld value. For more information visit www.ibm.com. 2.0 Web Age of in the Government Maurin Professor of Management and Director of the Strategic e-Commerce/ e-Government Initiative For additional information, contact: Department of Management Jonathan D. Breul Southeastern Louisiana University Executive Director IBM Center for The Business of Government E-Government Series 1301 K Street, NW Fourth Floor, West Tower Washington, DC 20005 (202) 515-4504, fax: (202) 515-4375 e-mail: [email protected] website: www.businessofgovernment.org Wyld C.
    [Show full text]
  • Sailing Past Censorship
    Message In A Bottle: Sailing Past Censorship Luca Invernizzi, Christopher Kruegel, Giovanni Vigna UC Santa Barbara Abstract Exploiting recent advances in monitoring technology and the drop of its costs, authoritarian and oppressive regimes are tightening the grip around the virtual lives of their citizens. Meanwhile, the dissidents, oppressed by these regimes, are organizing online, cloaking their activity with anti-censorship systems that typically consist of a network of anonymizing proxies. The censors have become well aware of this, and they are systematically finding and blocking all the entry points to these networks. So far, they have been quite successful. We believe that, to achieve resilience to blocking, anti-censorship systems must abandon the idea of having a limited number of entry points. Instead, they should establish first contact in an online location arbitrarily chosen by each of their users. To explore this idea, we have developed Message In A Bottle, a protocol where any blog post becomes a potential “drop point” for hidden messages. We have developed and released a proof-of-concept application using our system, and demonstrated its feasibility. To block this system, censors are left with a needle-in-a-haystack problem: Unable to identify what bears hidden messages, they must block everything, effectively disconnecting their own network from a large part of the Internet. This, hopefully, is a cost too high to bear. 1 Introduction The revolutionary wave of protests and demonstrations known as the Arab Spring rose in December 2010 to shake the foundations of a number of countries (e.g., Tunisia, Libya, and Egypt), and showed the Internet’s immense power to catalyze social awareness through the free exchange of ideas.
    [Show full text]